gnupg.git
2 years ago scd: Fix SERIALNO for multiple devices.
NIIBE Yutaka [Tue, 31 Jan 2017 03:56:11 +0000 (12:56 +0900)]
scd: Fix SERIALNO for multiple devices.

* scd/app.c (select_application): Fix the logic if periodical check is
needed.  If it is needed for newly found device(s), kick the loop.
(scd_update_reader_status_file): Return value if select(2) should be
called with timeout.
* scd/ccid-driver.c (ccid_require_get_status): Don't return 0 for
token with no interrupt transfer for now.
* scd/command.c (open_card_with_request): Fix scan by SERIALNO.
* scd/scdaemon.c (update_usb): Remove.
(handle_connections): Evaluate need_tick after handle_tick.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago gpgscm: Use a compact vector representation.
Justus Winter [Mon, 30 Jan 2017 14:51:19 +0000 (15:51 +0100)]
gpgscm: Use a compact vector representation.

* tests/gpgscm/scheme-private.h (struct cell): Add a compact vector
representation.
* tests/gpgscm/scheme.c (vector_length): Use new representation.
(vector_size): New macro.
(get_vector_object): Use the new representation.
(fill_vector): Likewise.
(vector_elem): Likewise.
(set_vector_elem): Likewise.
(mark): Likewise.
(gc): Likewise.  Be careful not to confuse immediate values for type
flags.
(finalize_cell): Vectors now require finalization.
--

Previously, vectors were represented using consecutive cons cells,
wasting one word per cell for the type information.  Fix that by using
a flat array.

Previously, a vector of size N required 1 + (n + 1) / 2 cells.  Now it
uses 1 + (n - 1 + 2) / 3 cells.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago gpgscm: Provide framework for immediate values.
Justus Winter [Mon, 30 Jan 2017 14:45:13 +0000 (15:45 +0100)]
gpgscm: Provide framework for immediate values.

* tests/gpgscm/scheme.c (IMMEDIATE_TAG): New macro.
({is,set,clr}_immediate): Likewise.
(enum scheme_types): Make type tags disjoint from immediate values.
(TYPE_BITS): We need one more bit now.
(ADJ,T_MASKTYPE): Compute values.
--
Immediate values are disjoint from all type tags and pointers,
allowing us to store immediate values in all memory locations.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago gpgscm: Fix setting the line of the first gc reservation.
Justus Winter [Mon, 30 Jan 2017 16:08:27 +0000 (17:08 +0100)]
gpgscm: Fix setting the line of the first gc reservation.

* tests/gpgscm/scheme.c (_gc_disable): Negate guard.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago gpgscm: Introduce macro for the vector length.
Justus Winter [Mon, 30 Jan 2017 14:39:57 +0000 (15:39 +0100)]
gpgscm: Introduce macro for the vector length.

* tests/gpgscm/scheme.c (vector_length): New macro.
(get_vector_object): Use the new macro.
(oblist_add_by_name): Likewise.
(oblist_find_by_name): Likewise.
(oblist_all_symbols): Likewise.
(mk_vector): Likewise.
(mark): Likewise.
(new_slot_spec_in_env): Likewise.
(find_slot_spec_in_env): Likewise.
(opexe_2): Likewise.
(opexe_5): Likewise.
--

Introducing an abstraction reduces the coupling between code using
vectors and the implementation of vectors.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago Revert "tests: Add test demonstrating issue2929."
Justus Winter [Mon, 30 Jan 2017 12:25:32 +0000 (13:25 +0100)]
Revert "tests: Add test demonstrating issue2929."

This reverts commit 5aafa56dffefe3fac55b9d0555c7c86e8a07f072.

2 years ago Explain commit e175152ef7515921635bf1e00383e812668d13fc.
Werner Koch [Mon, 30 Jan 2017 11:07:46 +0000 (12:07 +0100)]
Explain commit e175152ef7515921635bf1e00383e812668d13fc.

--

2 years ago scd: Fix GetSlotStatus.
NIIBE Yutaka [Mon, 30 Jan 2017 00:30:32 +0000 (09:30 +0900)]
scd: Fix GetSlotStatus.

* scd/apdu.c (get_status_reader): Add ON_WIRE arg, here.
(ct_get_status, pcsc_get_status_direct, pcsc_get_status_wrapped)
(pcsc_get_status, get_status_ccid, my_rapdu_get_status): Likewise.
(reset_pcsc_reader_wrapped, open_pcsc_reader_wrapped): Follow the
change.
(apdu_get_status_internal): It's the lower-level driver which judges
it's not needed.  Otherwise, it can't detect the removal.
* scd/ccid-driver.c (ccid_slot_status): After the POWERED_OFF check,
we can skip sending GetSlotStatus packet on wire, when no need.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
Fixes-commit: c8eee4d396a751d41fd1ee1e1b87b851fca172a

2 years ago scd: Don't send GET_STATUS packet if not needed.
NIIBE Yutaka [Mon, 30 Jan 2017 00:05:37 +0000 (09:05 +0900)]
scd: Don't send GET_STATUS packet if not needed.

* scd/apdu.c (apdu_get_status_internal): Add ON_WIRE arg.
(apdu_connect): Call apdu_get_status_internal with ON_WIRE enabled.
(apdu_get_status): For periodical check, call apdu_get_status_internal
with ON_WIRE disabled.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago scd: Fix cancel INTERRUPT transfer.
NIIBE Yutaka [Sun, 29 Jan 2017 23:19:32 +0000 (08:19 +0900)]
scd: Fix cancel INTERRUPT transfer.

* scd/ccid-driver.c (do_close_reader): Don't lock events, but check the
return value of libusb_cancel_transfer.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago scd: More changes on watching removal of card/reader.
NIIBE Yutaka [Fri, 27 Jan 2017 15:18:11 +0000 (00:18 +0900)]
scd: More changes on watching removal of card/reader.

* scd/app-common.h (struct app_ctx_s): Rename field to
periodical_check_needed.
* scd/scdaemon.c (update_usb): Rename from update_fdset_for_usb.
Don't use libusb_get_pollfds any more.
(scd_kick_the_loop): New.
(need_tick): Follow the rename.
(handle_connections): No libusb event handling here.
* scd/app.c (app_new_register): Follow the change of rename.
(select_application, scd_update_reader_status_file): Likewise.
* scd/ccid-driver.c (ccid_usb_thread_is_alive): New.
(intr_cb): Call scd_kick_the_loop.
(ccid_usb_thread): New.  Thread to invoke INTERRUPT callback.
(ccid_open_usb_reader): Add thread invocation.
(ccid_require_get_status): Remove
LIBUSB_WORKS_EXPECTED_FOR_INTERRUPT_ENDP.
(do_close_reader): Carefully handle handle->transfer.
(get_escaped_usb_string): Insert npth_unprotect/npth_protect.
(do_close_reader, bulk_out, bulk_in, abort_cmd, ccid_slot_status)
(ccid_transceive, ccid_transceive_secure): Likewise.

--

It was found that libusb_get_pollfds is not supported on Windows.
Besides, it's a bit difficult to use for the select loop.
Thus, we use the thread named ccid_usb_thread, instead.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago scd: Fix release of transfer object.
NIIBE Yutaka [Fri, 27 Jan 2017 11:43:29 +0000 (20:43 +0900)]
scd: Fix release of transfer object.

* scd/ccid-driver.c (intr_cb): Handle LIBUSB_TRANSFER_CANCELLED.
(do_close_reader): When callback is active, call
libusb_cancel_transfer and wait callback is fired off.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago scd: Improve watching USB device removal.
NIIBE Yutaka [Fri, 27 Jan 2017 09:01:52 +0000 (18:01 +0900)]
scd: Improve watching USB device removal.

* scd/apdu.c (struct reader_table_s): Add require_get_status.
(apdu_connect): Change return value meaning.  Call apdu_reset here.
* scd/app.c (app_new_register): Add require_get_status.
(select_application): Use the return value of apdu_connect.
(scd_update_reader_status_file): Call update_fdset_for_usb with
checking all_have_intr_endp.
(app_list_start, app_list_finish): Remove.
* scd/ccid-driver.c (struct ccid_driver_s): Add transfer.
(intr_cb): Don't call libusb_transfer in this callback.
(ccid_require_get_status): New.
(do_close_reader): Call libusb_transfer here.
* scd/scdaemon.c (update_fdset_for_usb): Remove the first argument.

--

With Gnuk Token, it works fine as expected.  With Gemalto reader,
intr_cb is not called when card is removed.  So, the macro
LIBUSB_WORKS_EXPECTED_FOR_INTERRUPT_ENDP is not defined yet.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago scd: Wake up the select when new USB scan.
NIIBE Yutaka [Fri, 27 Jan 2017 05:34:21 +0000 (14:34 +0900)]
scd: Wake up the select when new USB scan.

* scd/scdaemon.c (update_fdset_for_usb): Wake up the select(2).
(handle_connections): Use a kind of "self-pipe" technique.

--

Use pipe to wake up select(2).  If UNIX-only, signal could be used.  For
portability, "self-pipe" is better, here.  Setup for non-blocking for
pipe fds is not needed, because speed of USB device insertion is
limited by human physical interaction; no one can do hundreds of
device insertions/removals per second.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago scd: Only submit apdu_get_status when needed.
NIIBE Yutaka [Thu, 26 Jan 2017 13:02:41 +0000 (22:02 +0900)]
scd: Only submit apdu_get_status when needed.

* scd/apdu.c (apdu_dev_list_finish): Return Boolean value if
all devices support INTERRUPT transfer.
* scd/ccid-driver.c (ccid_dev_scan_finish): Likewise.
* scd/app.c (app_new_register): Fix initial value of card_status.
(select_application): Call update_fdset_for_usb.
(scd_update_reader_status_file): Ditto.
* scd/scdaemon.c (update_fdset_for_usb, need_tick): New.
(handle_connections): Call handle_tick when select returns.
Let select watch USB file descriptors, too.
Call libusb_handle_events_timeout_completed for INTERRUPT transfer.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago scd: Fix APP reference counting.
NIIBE Yutaka [Thu, 26 Jan 2017 10:32:51 +0000 (19:32 +0900)]
scd: Fix APP reference counting.

* scd/app.c (scd_update_reader_status_file): Don't call another
release_application_internal.
* scd/command.c (open_card_with_request): Don't require APPTYPE !=
NULL.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago scd: Add INTERRUPT endp support to CCID driver.
NIIBE Yutaka [Thu, 26 Jan 2017 07:54:40 +0000 (16:54 +0900)]
scd: Add INTERRUPT endp support to CCID driver.

* scd/app.c (scd_update_reader_status_file): Fix release of APP.
* scd/ccid-driver.c (struct ccid_driver_s): Add INTR_BUF.
(intr_cb, ccid_setup_intr): New.
(ccid_open_usb_reader): Call ccid_setup_intr.
(ccid_slot_status): Return CCID_DRIVER_ERR_NO_READER when removed.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago gpg: Fix searching for mail addresses in keyrings.
Justus Winter [Wed, 25 Jan 2017 15:33:20 +0000 (16:33 +0100)]
gpg: Fix searching for mail addresses in keyrings.

* g10/keyring.c (compare_name): Fix KEYDB_SEARCH_MODE_MAIL* searches
in keyrings when the UID is a plain addr-spec.
--
Previously, 'gpg --list-key "<foo@example.org>"' failed if 1/ the
keyring format is used and 2/ the key's UID is a plain addr-spec
(cf. RFC2822 section 4.3), e.g. 'foo@example.org'.

GnuPG-bug-id: 2930
Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tests,w32: Fix GPGME tests requiring a pinentry.
Justus Winter [Wed, 25 Jan 2017 15:53:40 +0000 (16:53 +0100)]
tests,w32: Fix GPGME tests requiring a pinentry.

* tests/gpgme/gpgme-defs.scm: Use our fake pinentry, and configure it
to supply the correct passphrase.
--
Previously, the GPGME tests used the fake pinentry distributed with
GPGME which is a Bourne shell script.  Use the fake pinentry from
GnuPG instead.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tests,w32: Fix gpgsm signature verification test.
Justus Winter [Wed, 25 Jan 2017 14:39:30 +0000 (15:39 +0100)]
tests,w32: Fix gpgsm signature verification test.

* tests/gpgsm/verify.scm: Use 'call-with-binary-output-file' to avoid
automatic line-ending conversion.
--
Previously, Windows' automatic line-ending conversion turned '\n' into
'\r\n' when writing the sample to a file, making the signature
invalid.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago agent: Fix double free.
Justus Winter [Wed, 25 Jan 2017 12:51:57 +0000 (13:51 +0100)]
agent: Fix double free.

* agent/cache.c (agent_store_cache_hit): Make sure the update is
atomic.
--
Previously, the function freed the last key, and duplicated the new
key after doing that.  There is a chance, however, that calling the
allocator surrenders control to a different thread, causing a double
free if a different thread also calls this function.

To make sure the update is atomic under the non-preemptive thread
model, we must make sure not to surrender control to a different
thread.  Therefore, we avoid calling the allocator during the
update.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tests: Skip GPGME tests that are not built.
Justus Winter [Wed, 25 Jan 2017 10:18:23 +0000 (11:18 +0100)]
tests: Skip GPGME tests that are not built.

* tests/gpgme/wrap.scm: Skip tests that are not built.
--
Previously, all tests from GPGME's test suite that were not built
(e.g. because GPGME was not configured with QT) were marked as
failures.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tests,w32: Fix locating GPGME's tests on Windows.
Justus Winter [Wed, 25 Jan 2017 10:16:23 +0000 (11:16 +0100)]
tests,w32: Fix locating GPGME's tests on Windows.

* tests/gpgme/run-tests.scm: Qualify the test with the executable
extension.
--
Previously, the test suite could not locate the test executables on
Windows because the Windows-specific file extension was missing.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago gpg: Print a warning on Tor problems.
Werner Koch [Tue, 24 Jan 2017 19:45:31 +0000 (20:45 +0100)]
gpg: Print a warning on Tor problems.

* dirmngr/ks-engine-hkp.c (tor_not_running_p): New.
(map_host): Call that to print a warning.
(handle_send_request_error): Ditto and avoid marking the host dead.
Also print a tor_config_problem warning.  Add arg CTRL; adjust callers
to pass that new arg.
* g10/call-dirmngr.c (ks_status_cb): Detect and print the new
warnings.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago dirmngr: Simplify error returning inside http.c.
Werner Koch [Tue, 24 Jan 2017 17:41:43 +0000 (18:41 +0100)]
dirmngr: Simplify error returning inside http.c.

* dirmngr/http.c (connect_server): Change to return a gpg_error_t
and to store socket at the passed address.
(http_raw_connect, send_request): Adjust accordingly.
--

This change removes cruft from the code and allows to return the error
code from the name lookup.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago dirmngr: New option --disable-ipv4.
Werner Koch [Tue, 24 Jan 2017 15:36:28 +0000 (16:36 +0100)]
dirmngr: New option --disable-ipv4.

* dirmngr/dirmngr.c (oDisableIPv4): New const.
(opts): New option --disable-ipv4.
(parse_rereadable_options): Set that option.
* dirmngr/dirmngr.h (opt): New field 'disable_ipv4'.
* dirmngr/dns-stuff.c (opt_disable_ipv4): New var.
(set_dns_disable_ipv4): New.
(resolve_name_standard): Skip v4 addresses when OPT_DISABLE_IPV4 is
set.
* dirmngr/ks-engine-hkp.c (map_host): Ditto.
(send_request): Pass HTTP_FLAG_IGNORE_IPv4 if opt.disable_v4 is set.
* dirmngr/crlfetch.c (crl_fetch): Ditto.
* dirmngr/ks-engine-finger.c (ks_finger_fetch): Ditto.
* dirmngr/ks-engine-http.c (ks_http_fetch): Ditto.
* dirmngr/ocsp.c (do_ocsp_request): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago tools: Use platform abstraction for I/O.
Justus Winter [Tue, 24 Jan 2017 14:36:59 +0000 (15:36 +0100)]
tools: Use platform abstraction for I/O.

* tools/gpg-connect-agent.c (main): Use a gpgrt_stream_t for
'script_fp'.  Adapt accordingly.
--
Werner asked me to make gpgconf use the platform abstractions that
were introduced after gpgconf's inception.  After doing that, I
realized that 'read_line' is only used in two more places, one of
which this patch takes care of.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tools: Use platform abstraction for I/O.
Justus Winter [Tue, 24 Jan 2017 14:06:43 +0000 (15:06 +0100)]
tools: Use platform abstraction for I/O.

* tools/gpgconf-comp.c (retrieve_options_from_file): Use a
gpgrt_stream_t for 'list_file'.  Adapt accordingly.
(copy_file): Likewise for 'src' and 'dst'.
(change_options_file): Likewise for 'src_file' and 'dest_file'.
(change_options_program): Likewise for 'src_file' and 'dest_file'.
(gc_process_gpgconf_conf): Likewise for 'config'.
--
Werner asked me to make gpgconf use the platform abstractions that
were introduced after gpgconf's inception.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tools: Use platform abstraction for renaming files.
Justus Winter [Mon, 23 Jan 2017 13:26:00 +0000 (14:26 +0100)]
tools: Use platform abstraction for renaming files.

* tools/gpgconf-comp.c (gc_component_change_options): Use
'gnupg_rename_file'.  Also, block signals across all renames in an
attempt to make the whole process atomic.
--
Werner asked me to make gpgconf use the platform abstractions that
were introduced after gpgconf's inception.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tools: Add comments explaining the functions parameters.
Justus Winter [Tue, 24 Jan 2017 11:57:43 +0000 (12:57 +0100)]
tools: Add comments explaining the functions parameters.

* tools/gpgconf-comp.c (change_options_file): Add comments explaining
the functions parameters.
(change_options_program): Likewise.
--
From reading those two functions it is not clear why we write the new
configuration to the source file, and read the current configuration
from the destination file.  The identifiers are named for the benefit
of the callee.

Note that identifiers that require that much explanation are poorly
chosen.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tools: Improve error handling.
Justus Winter [Mon, 23 Jan 2017 13:24:22 +0000 (14:24 +0100)]
tools: Improve error handling.

* tools/gpgconf-comp.c (gp_component_change_options): Improve error
handling when reading from stdin.
--
Previously, errors encountered while reading the configuration changes
were ignored.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tools: Fix memory leak.
Justus Winter [Mon, 23 Jan 2017 10:52:30 +0000 (11:52 +0100)]
tools: Fix memory leak.

* tools/gpgconf-comp.c (change_options_file): Fix leak.
--
Previously, 'src_filename' and 'orig_filename' leaked if creating the
backup file failed.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tests: Add test demonstrating issue2929.
Justus Winter [Tue, 24 Jan 2017 13:28:36 +0000 (14:28 +0100)]
tests: Add test demonstrating issue2929.

* tests/openpgp/Makefile.am (XTESTS): Add new test.
* tests/openpgp/issue2929.scm: New file.
--
This test demonstrates a problem with the TOFU trust model when a new
key is created.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tests: Enable gpgconf test.
Justus Winter [Tue, 24 Jan 2017 13:20:36 +0000 (14:20 +0100)]
tests: Enable gpgconf test.

* tests/openpgp/Makefile.am (XTESTS): Re-add gpgconf.scm.
--
This partially reverts 25e029823813e190a18b601af60efcb1fb3b84af.

That change was not sufficiently motivated, and our continuous
integration server shows no recent distcheck failures.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago speedo: Remove the unused ADNS package.
Werner Koch [Mon, 23 Jan 2017 22:03:36 +0000 (23:03 +0100)]
speedo: Remove the unused ADNS package.

--

2 years ago Update NEWS with link to release announcement.
Werner Koch [Mon, 23 Jan 2017 21:56:50 +0000 (22:56 +0100)]
Update NEWS with link to release announcement.

--

2 years ago Post release updates
Werner Koch [Mon, 23 Jan 2017 21:24:20 +0000 (22:24 +0100)]
Post release updates

--

2 years ago Release 2.1.18 gnupg-2.1.18
Werner Koch [Mon, 23 Jan 2017 18:26:37 +0000 (19:26 +0100)]
Release 2.1.18

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago build: Change make distcheck configure and temp. remove gpgconf.scm.
Werner Koch [Mon, 23 Jan 2017 20:14:32 +0000 (21:14 +0100)]
build: Change make distcheck configure and temp. remove gpgconf.scm.

* Makefile.am (DISTCHECK_CONFIGURE_FLAGS): Also test gpgtar and
wks-tools.  Disable ntbtls.
* tests/openpgp/Makefile.am (XTESTS): Temporarily remove gpgconf.scm.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago po: Auto update
Werner Koch [Mon, 23 Jan 2017 18:26:12 +0000 (19:26 +0100)]
po: Auto update

--

2 years ago po: Translate two new strings to German
Werner Koch [Mon, 23 Jan 2017 18:24:48 +0000 (19:24 +0100)]
po: Translate two new strings to German

--

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago Update copyright notices for 2017.
Werner Koch [Mon, 23 Jan 2017 18:16:55 +0000 (19:16 +0100)]
Update copyright notices for 2017.

--

Also some http:// -> https:// fixes.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago Fix format string errors and some missing error case initialization.
Werner Koch [Mon, 23 Jan 2017 15:32:44 +0000 (16:32 +0100)]
Fix format string errors and some missing error case initialization.

* common/logging.c (do_logv): Remove extra parentheses in comparison.

* dirmngr/dns-stuff.c (resolve_addr_libdns): Init RES so that
dns_res_close is given a defined value in the error case.

* dirmngr/http.c (cookie_read, cookie_write) [HTTP_USE_NTBTLS]: Fix
format string char.

* dirmngr/ks-engine-hkp.c (ks_hkp_help): Remove duplicate "const".
* dirmngr/ks-engine-http.c (ks_http_help): Ditto.
* dirmngr/ks-engine-kdns.c (ks_kdns_help): Ditto.
* dirmngr/ks-engine-ldap.c (ks_ldap_help): Ditto.

* scd/app-p15.c (send_keypairinfo, do_getattr): Fix format string
char.
* tools/gpgconf-comp.c (gpg_agent_runtime_change): Init PID for the
error case.
(scdaemon_runtime_change): Ditto.
(dirmngr_runtime_change): Ditto.

* tools/gpgconf.c (query_swdb): Init VALUE_SIZE_UL.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago dirmngr: On SIGHUP mark all keyservers alive.
Werner Koch [Mon, 23 Jan 2017 12:07:54 +0000 (13:07 +0100)]
dirmngr: On SIGHUP mark all keyservers alive.

* dirmngr/ks-engine-hkp.c (ks_hkp_reload): New.
* dirmngr/dirmngr.c (dirmngr_sighup_action): Call it.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago libdns: Hack to skip negation term.
Gaetan Bisson [Mon, 23 Jan 2017 11:46:35 +0000 (12:46 +0100)]
libdns: Hack to skip negation term.

* dirmngr/dns.c (dns_nssconf_loadfile): Skip negation terms in
nsswitch.conf parser.
--

This small patch was submitted along with this comment:

  We've been having issues over at Arch Linux with the new libdns
  code.  Our /etc/nsswitch.conf contains the following line:

    hosts: files mymachines resolve [!UNAVAIL=return] dns myhostname

  And it turns out dirmngr fails to parse the negation statement (the
  bang in !UNAVAIL). This results in gnupg not being able to resolve
  any name.

  Looking at dirmngr/dns.c it was unclear to me how to properly handle
  such negations. The dns_anyconf_scan calls used in
  dns_nssconf_loadfile do not allow to store a negation bit easily...

  In the meantime, I wrote the attached patch which ignores those
  statements altogether. It makes libdns work as expected for us.

Commit log written by wk

2 years ago dirmngr: Print debug message only with --debug.
Werner Koch [Mon, 23 Jan 2017 10:39:10 +0000 (11:39 +0100)]
dirmngr: Print debug message only with --debug.

* dirmngr/dns-stuff.c (libdns_init): Call log_debug only if opt_debug
is set.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago dirmngr: Handle missing nsswitch.conf.
Phil Pennock [Thu, 19 Jan 2017 06:21:42 +0000 (01:21 -0500)]
dirmngr: Handle missing nsswitch.conf.

* dirmngr/dns-stuff.c (libdns_init): Fallback to files,dns.

--

Signed-off-by: Phil Pennock <phil@pennock-tech.com>
ChangeLog entry by wk.

This fixed the problem:

  Short version: macOS doesn't include /etc/nsswitch.conf and GnuPG's
  dirmngr is hard-erroring when that file is missing, such that no DNS
  operations succeed and --recv-key returns ENOENT type errors to the
  caller.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago dco: Register Phil Pennock.
Werner Koch [Mon, 23 Jan 2017 09:54:39 +0000 (10:54 +0100)]
dco: Register Phil Pennock.

--

2 years ago gpg: Fix misleading log message when checking regexp.
Damien Goutte-Gattat [Tue, 17 Jan 2017 19:42:09 +0000 (20:42 +0100)]
gpg: Fix misleading log message when checking regexp.

* src/trustdb.c (check_regexp): Correctly print whether the
regexp matched or not.
--

This patch fixes the log message displayed when gpg attempts to
match the regexp associated with a trust signature with a user ID.
The current message interprets the 'ret' variable backwards, and
displays 'YES' when the regexp actually fails to match.

Signed-off-by: Damien Goutte-Gattat <dgouttegattat@incenp.org>
2 years ago po: Fixes to the German translation
Werner Koch [Mon, 23 Jan 2017 09:33:11 +0000 (10:33 +0100)]
po: Fixes to the German translation

--

Justus reported that the German translation for the key listing in
--edit-key does "usage: E" -> "Aufruf: E" which is clearly wrong.  It
turned out that this translation was once marked as fuzzy and
accidentally unfuzzied by me.

   "Aufruf" (bug) -> "Nutzung"
   "Leistungsfähigkeit" -> "Nutzung"
   "Signaturfähigkeit" -> "Signaturnutzbarkeit" etc.

The last two are in the key generation menu.  Also changed the key
code for "Umschalten der Signaturnutzbarkeit" from "U" to "S".

"Nutzung" is here better than "Fähigkeit" because the latter is more
connected to the property of the algorithm, where the former better
expresses an arbitrary choice.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago gpg: New export and import options "backup" and "restore".
Werner Koch [Mon, 23 Jan 2017 09:12:18 +0000 (10:12 +0100)]
gpg: New export and import options "backup" and "restore".

* g10/export.c (parse_export_options): Add "backup" and its alias
"export-backup".
(do_export_one_keyblock): Export ring trust packets in backup mode.
* g10/import.c (parse_import_options): Add "restore" and its alias
"import-restore".
(read_block): Import ring trust packets.
--

These options are intended to, well, backup and restore keys between
GnuPG implementations.  These options may eventually be enhanced to
backup and restore all public key related information.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago scd: Fix INTERRUPT transfer.
NIIBE Yutaka [Mon, 23 Jan 2017 07:12:41 +0000 (16:12 +0900)]
scd: Fix INTERRUPT transfer.

* scd/ccid-driver.c (find_endpoint): Don't return Bulk endpoint as
Interrupt endpoint.
(ccid_poll): Call libusb_interrupt_transfer.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago build: Print a commit id in the generated ChangeLog
Werner Koch [Thu, 19 Jan 2017 14:01:44 +0000 (15:01 +0100)]
build: Print a commit id in the generated ChangeLog

* build-aux/gitlog-to-changelog: Print an extra line with the commit
id.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago common: Fix buffer copy code again.
Werner Koch [Thu, 19 Jan 2017 13:58:23 +0000 (14:58 +0100)]
common: Fix buffer copy code again.

* common/exectool.c (my_error_from_errno): Remove.
(copy_buffer_do_copy): Do without var RC.
(copy_buffer_flush): Ditto.  Use ERRNO instead of es_write return
code.
(gnupg_exec_tool): Correctly return errors from es_read.
--

Fixes-commit: 55c9212a2338bf0b07c8cf3a69bcedaa28d48d43
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago gpg: Allow to freeze faked system time.
Damien Goutte-Gattat [Wed, 18 Jan 2017 17:52:12 +0000 (18:52 +0100)]
gpg: Allow to freeze faked system time.

* g10/gpg.c (main): If the parameter for --faked-system-time
ends with a '!', freeze time at the specified point.
* common/gettime.c (gnupg_set_time): Allow to freeze the time
at an arbitrary time instead of only the current time.
* doc/gpg.texi: Update documentation for --faked-system-time.
--

This patch allows the user to modify the behavior of the
--faked-system-time option: by appending a '!' to the parameter,
time in GnuPG will be frozen at the specified time, instead of
advancing normally from that time onward.

Signed-off-by: Damien Goutte-Gattat <dgouttegattat@incenp.org>
2 years ago common: Clarify use of vars in buffer copy code.
Werner Koch [Thu, 19 Jan 2017 08:57:27 +0000 (09:57 +0100)]
common: Clarify use of vars in buffer copy code.

* common/exectool.c (my_error_from_errno): New.
(copy_buffer_do_copy): Use separate vars for errno values and
gpg-error values for clarity.  s/assert/log_assert/.
(copy_buffer_flush): Ditto.
(gnupg_exec_tool_stream): Use gpg_err_code when testing.
--

NB: It is surprising that es_write seems not to set ERRNO but only
returns the ERRNO value.  Need to check whether this is really the
case.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago dirmngr: Add setup of CA for NTBTLS.
NIIBE Yutaka [Thu, 19 Jan 2017 06:39:55 +0000 (15:39 +0900)]
dirmngr: Add setup of CA for NTBTLS.

* dirmngr/http.c [HTTP_USE_NTBTLS] (http_session_new): Add CA by
ntbtls_set_ca_chain.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago common: Fix flushing copy buffers.
Justus Winter [Wed, 18 Jan 2017 17:14:41 +0000 (18:14 +0100)]
common: Fix flushing copy buffers.

* common/exectool.c (copy_buffer_flush): Write and flush the data, but
do not hide EAGAIN from the caller.
(gnupg_exec_tool_stream): Retry on EAGAIN.

GnuPG-bug-id: 2425
Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago agent: Reduce sleep time in the progress callback.
Werner Koch [Wed, 18 Jan 2017 09:13:04 +0000 (10:13 +0100)]
agent: Reduce sleep time in the progress callback.

* agent/gpg-agent.c (agent_libgcrypt_progress_cb): Reduce sleep time
from 100ms to 1ms or use gpgrt_yield when built against a recent
libgpg-error.
--

Debian-bug-id: 851298
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago gpgconf: Allow "all" for --launch, --kill, and --reload.
Werner Koch [Wed, 18 Jan 2017 09:01:55 +0000 (10:01 +0100)]
gpgconf: Allow "all" for --launch, --kill, and --reload.

* tools/gpgconf-comp.c (gc_component_launch): Allow -1 for COMPONENT.
(gc_component_kill): Ditto.
(gc_component_reload): For robustness change the condition to < 0.
* tools/gpgconf.c (main) <aLaunch, aKill, aReload>: Support argument
"all".

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago gpg: Remove unused definitions.
Werner Koch [Tue, 17 Jan 2017 11:43:13 +0000 (12:43 +0100)]
gpg: Remove unused definitions.

* g10/keydb.h (rt_UNKNOWN, rt_RING): Remove constants.
(keyblock_pos_struct, KBPOS): Remove struct and type.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago scd: Cleanup SERIALNO protocol.
NIIBE Yutaka [Wed, 18 Jan 2017 06:48:50 +0000 (15:48 +0900)]
scd: Cleanup SERIALNO protocol.

* scd/app.c (app_get_serial_and_stamp): Remove.
(app_get_serialno): New.
(app_write_learn_status): Use send_status_direct.
(app_getattr): Use app_get_serialno for SERIALNO and
send with send_status_direct.
* scd/app-openpgp.c (do_getattr): Likewise.
* scd/command.c (cmd_serialno): Don't send TIMESTAMP of 0.
(cmd_learn): Likewise.  Don't inquire with TIMESTAMP of 0.

--

In the SERIALNO protocol, timestamp used to be considered, but had never
been used at all.  In the new implementation, removed card/token is always
detected and connection becomes invalid, no timestamp is required any
more.  Examined scute and poldi as well for this protocol change.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago scd: Add "card_list" sub command for GETINFO.
NIIBE Yutaka [Wed, 18 Jan 2017 06:19:38 +0000 (15:19 +0900)]
scd: Add "card_list" sub command for GETINFO.

* scd/app.c (app_send_card_list): New.
* scd/command.c (cmd_getinfo): Fix "status" sub command.
Add "card_list" sub command.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago build: Handle packages with dashes in --find-version.
Werner Koch [Tue, 17 Jan 2017 11:14:53 +0000 (12:14 +0100)]
build: Handle packages with dashes in --find-version.

* autogen.sh (--find-version): Improve version extraction.
* (--help): Extend.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago gpg: Clean bogus subkey binding when cleaning a key.
Werner Koch [Tue, 17 Jan 2017 09:26:34 +0000 (10:26 +0100)]
gpg: Clean bogus subkey binding when cleaning a key.

* g10/trust.c (clean_key): Also clean bogus subkey bindings.
--

GnuPG-bug-id: 2922
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago gpg: Sync print of additional sig data in --edit-key.
Werner Koch [Tue, 17 Jan 2017 09:23:52 +0000 (10:23 +0100)]
gpg: Sync print of additional sig data in --edit-key.

* g10/keylist.c (show_policy_url): Implement MODE -1.
(show_keyserver_url): Ditto.
(show_notation): Ditto.
* g10/keyedit.c (print_one_sig): Print policy URL, keyserver URL and
notation data to the tty.
--

With this change the listing of signatures in the key edit menu does
now include policy URLs et al in order and not possibly after leaving
the menu (it used to go to stdout and not the tty).

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agocommon: Remove unused function tty_print_string.
Werner Koch [Tue, 17 Jan 2017 09:19:06 +0000 (10:19 +0100)]
common: Remove unused function tty_print_string.

* common/ttyio.c (tty_print_string): Rename to ...
(do_print_string): this.  Make local.  Simplify FP case by using
print_utf8_buffer.  Change caller.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Prepare some key cleaning function for use with secret key packets.
Werner Koch [Tue, 17 Jan 2017 08:14:44 +0000 (09:14 +0100)]
gpg: Prepare some key cleaning function for use with secret key packets.

* g10/trust.c (mark_usable_uid_certs): Allow use of secret key packets.
(clean_sigs_from_uid): Ditto.
(clean_uid_from_key): Ditto.
(clean_one_uid): Ditto.
(clean_key): Ditto.
--

Since 2.1 secret keys and public keys use identical data structure and
thus we should not restrict those key cleaning functions to work only
with public key packets.  This change has no immediate effect but may
come in handy in the future.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr: Implement hkps lookups using literal addresses.
Werner Koch [Mon, 16 Jan 2017 18:04:58 +0000 (19:04 +0100)]
dirmngr: Implement hkps lookups using literal addresses.

* dirmngr/ks-engine-hkp.c (map_host): For literal addresses do a
reverse lookup.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr: Allow reverse DNS lookups in Tor-mode.
Werner Koch [Mon, 16 Jan 2017 18:03:39 +0000 (19:03 +0100)]
dirmngr: Allow reverse DNS lookups in Tor-mode.

* dirmngr/dns-stuff.c (resolve_dns_name): Move up in the file.
(resolve_addr_libdns): New.
(resolve_dns_addr): Divert to resolve_dns_addr.
--

In the old code reverse lookups were disabled in Tor mode.  By
implementing the reverse lookups via libdns it is now possible to do
them also in Tor mode.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr: Avoid network queries for literal IP addresses.
Werner Koch [Mon, 16 Jan 2017 08:10:46 +0000 (09:10 +0100)]
dirmngr: Avoid network queries for literal IP addresses.

* dirmngr/dns-stuff.c (resolve_name_libdns): Use flags AI_NUMERICHOST
for literal IP addresses.
(resolve_name_standard): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr: Fix URL creation for literal IPv6 addresses in HKP.
Werner Koch [Thu, 12 Jan 2017 20:09:42 +0000 (21:09 +0100)]
dirmngr: Fix URL creation for literal IPv6 addresses in HKP.

* dirmngr/dns-stuff.c (is_ip_address): Make the return value depend on
the address family.
* dirmngr/ks-engine-hkp.c (map_host): Rename arg R_POOLNAME to
R_HTTPHOST because that is its purpose.  Note that the former
behaviour of storing a NULL to indicate that it is not a pool has not
been used.
(make_host_part): Ditto.
(make_host_part): Make sure that literal v6 addresses are correctly
marked in the constructed URL.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agotests: Improve GPGHOME handling.
Justus Winter [Mon, 16 Jan 2017 12:59:56 +0000 (13:59 +0100)]
tests: Improve GPGHOME handling.

* tests/openpgp/defs.scm (GPGHOME): New variable.
* tests/openpgp/ssh-import.scm: Remove redundant code, use 'path-join'.
* tests/openpgp/tofu.scm: Likewise.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agoagent: Ask specific SERIALNO for pksign/pkdecrypt.
NIIBE Yutaka [Mon, 16 Jan 2017 01:33:08 +0000 (10:33 +0900)]
agent: Ask specific SERIALNO for pksign/pkdecrypt.

* agent/call-scd.c (agent_card_serialno): Add DEMAND argument.
* agent/command-ssh.c (card_key_available): Follow the change.
* agent/learncard.c (agent_handle_learn): Likewise.
* agent/divert-scd.c (ask_for_card): Use DEMAND argument.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agoscd: Add --demand option for SERIALNO.
NIIBE Yutaka [Mon, 16 Jan 2017 01:26:16 +0000 (10:26 +0900)]
scd: Add --demand option for SERIALNO.

* scd/app.c (select_application): Add SERIALNO_BIN and SERIALNO_BIN_LEN
arguments.  Return matched APP with a serial number when specified.
* scd/command.c (open_card): Modify for the implicit open only.
(open_card_with_request): New for explicit open and support match with a
serial number.
(cmd_serialno): Support --demand option.
(cmd_learn, cmd_readcert, cmd_readkey, cmd_pksign, cmd_pkauth)
(cmd_pkdecrypt, cmd_getattr, cmd_setattr, cmd_writecert, cmd_writekey)
(cmd_genkey, cmd_random, cmd_passwd, cmd_checkpin, cmd_apdu): Follow
the change of open_card.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agobuild: Make autogen.sh more POSIX friendly (next try)
Werner Koch [Thu, 12 Jan 2017 10:22:37 +0000 (11:22 +0100)]
build: Make autogen.sh more POSIX friendly (next try)

* autogen.sh: Fix dd count to 5.
--

Fixes-commit: 3c00b52f7cb0fbd756c0bbe5134b8f2d69c60dd1
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Rename a var to avoid a shadowing warning.
Werner Koch [Thu, 12 Jan 2017 09:40:26 +0000 (10:40 +0100)]
gpg: Rename a var to avoid a shadowing warning.

* g10/keygen.c (keygen_set_std_prefs): Rename variable.
--

I consider it better not to use the name of a commonly used function.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agotests: Fix t-gettime for a time_t of 64 and a long of 32 bit.
Werner Koch [Thu, 12 Jan 2017 09:39:19 +0000 (10:39 +0100)]
tests: Fix t-gettime for a time_t of 64 and a long of 32 bit.

* configure.ac (AC_CHECK_HEADERS): Add stdint.h.
* common/t-gettime.c: Include stdint.h.
(UINTMAX_C): Define replacement.
(test_isotime2epoch): Use UINTMAX_C for the >32 bit constants.
--

This is for example the case on 32 bit OpenBSD.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agobuild: Make autogen.sh more POSIX friendly.
Werner Koch [Thu, 12 Jan 2017 08:58:57 +0000 (09:58 +0100)]
build: Make autogen.sh more POSIX friendly.

* autogen.sh: Replace non POSIX "cp -a" and "head -c".
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agolibdns: Silence -Wstrict-prototypes on some function ptrs.
Werner Koch [Thu, 12 Jan 2017 08:22:14 +0000 (09:22 +0100)]
libdns: Silence -Wstrict-prototypes on some function ptrs.

* dirmngr/dns.c (dns_rrtype): Ignore -Wstrict-prototypes warning.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agolibdns: Provide replacement for EPROTO.
Werner Koch [Thu, 12 Jan 2017 08:20:49 +0000 (09:20 +0100)]
libdns: Provide replacement for EPROTO.

* dirmngr/dns.c (EPROTO) ![EPROTO]: Define to EPROTONOSUPPORT.
--

This is the same replacement we use in Libassuan
(commit 8ab3b9273524bd344bdb90dd5d3bc8e5f53ead6e) to make it work on
OpenBSD and many other BSD based OSes.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr: After a connection failure log a hint if Tor is not running.
Werner Koch [Wed, 11 Jan 2017 16:09:16 +0000 (17:09 +0100)]
dirmngr: After a connection failure log a hint if Tor is not running.

* dirmngr/ks-engine-hkp.c (handle_send_request_error): Check whether
Tor is running.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr: Mark hosts dead on ENETDOWN.
Werner Koch [Wed, 11 Jan 2017 15:43:30 +0000 (16:43 +0100)]
dirmngr: Mark hosts dead on ENETDOWN.

* dirmngr/ks-engine-hkp.c (handle_send_request_error): Take care of
ENETDOWN.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr: Fix Tor access for v6 addresses.
Werner Koch [Wed, 11 Jan 2017 15:41:15 +0000 (16:41 +0100)]
dirmngr: Fix Tor access for v6 addresses.

* dirmngr/http.c (use_socks): New.
(my_sock_new_for_addr): New.
(connect_server): Replace assuan_sock_new by my_sock_new_for_addr.
--

Libassuan always uses 127.0.0.1 to connect to the local Tor proxy.
https.c used to create a socket for the actual address family and thus
the connect call in Libassuan fails when it tries to connect to a v6
address using a v4 socket.

It would be cleaner to have the my_sock_new_for_addr function as a
public interface in Libassuan; for now we need to duplicate some code
from Libassuan.

GnuPG-bug-id: 2902
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr: Remove warnings about unused global variables.
Werner Koch [Wed, 11 Jan 2017 09:48:20 +0000 (10:48 +0100)]
dirmngr: Remove warnings about unused global variables.

* dirmngr/crlcache.c (oidstr_issuingDistributionPoint): Comment.
* dirmngr/ocsp.c (oidstr_certHash): Comment.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr: Implement debug option "network" for http.
Werner Koch [Wed, 11 Jan 2017 09:35:46 +0000 (10:35 +0100)]
dirmngr: Implement debug option "network" for http.

* dirmngr/dirmngr.c (parse_rereadable_options): Set http debugging.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr: Add debug code to http.c.
Werner Koch [Wed, 11 Jan 2017 09:34:49 +0000 (10:34 +0100)]
dirmngr: Add debug code to http.c.

* dirmngr/http.c (opt_verbose, opt_debug): New vars.
(http_set_verbose): New function.
(_my_socket_new): Add debug output.
(_my_socket_ref, _my_socket_unref, session_unref): Call log_debug if
OPT_DEBUG has been set to 2 in a debugger.
(http_session_new, http_session_ref): Ditto.
(send_request, http_start_data): Print debug output for the request.
(parse_response): Change to use log_debug_string for the response.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agocommon: New function log_debug_with_string.
Werner Koch [Wed, 11 Jan 2017 09:21:32 +0000 (10:21 +0100)]
common: New function log_debug_with_string.

* common/logging.c (do_logv): Factor some code out to ...
(print_prefix): new.
(log_logv): Add arg EXTRASTRING and print it.  Change all callers to
pass NULL for it.
(log_debug_with_string): New.  Uses EXTRASTRING.
--

This function can be used to print a human readable buffer in addition
to a log message to the log stream.  This function will keep all lines
together and prefix them with ">> ".

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agocommon: Avoid unnecessary ambiguity in argparse.
Daniel Kahn Gillmor [Tue, 10 Jan 2017 20:59:36 +0000 (15:59 -0500)]
common: Avoid unnecessary ambiguity in argparse.

* common/argparse.c (find_long_option): Avoid unnecessary ambiguity.
--

If two struct ARGPARSE_OPTS share a prefix in their long_opt name, but
have the exact same short_opt and flags, they are aliases and not
distinct options.  Avoid reporting this as an ambiguity, so that (for
example) both --clearsign and --clear-sign can be invoked as --clear.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Debian-Bug-Id: 850475
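
The alias rule from the commit message above, as an added example that is not the code from common/argparse.c: the option table, its short_opt numbers, the name find_long_option_demo and the exact-match-first step are assumptions made for this illustration.

```c
#include <stdio.h>
#include <string.h>

struct opt { int short_opt; const char *long_opt; unsigned int flags; };

/* Constructed option table; the short_opt numbers are made up. */
static const struct opt SAMPLE_OPTS[] = {
  { 's', "sign",       0 },
  { 300, "clearsign",  0 },
  { 300, "clear-sign", 0 },   /* Alias: same short_opt and flags. */
  { 301, "clean",      0 },
  { 0,   NULL,         0 }
};

/* Two entries are aliases if they select the same option. */
static int is_alias (const struct opt *a, const struct opt *b)
{
  return a->short_opt == b->short_opt && a->flags == b->flags;
}

/* Resolve KEYWORD (without the leading "--") against OPTS.  Returns the
   index of the matching entry, -1 if nothing matches, or -2 if the
   abbreviation fits two distinct options. */
int find_long_option_demo (const struct opt *opts, const char *keyword)
{
  size_t n = strlen (keyword);
  int i, j;

  if (!n)
    return -1;
  for (i = 0; opts[i].long_opt; i++)      /* An exact name always wins. */
    if (!strcmp (opts[i].long_opt, keyword))
      return i;
  for (i = 0; opts[i].long_opt; i++)
    if (!strncmp (opts[i].long_opt, keyword, n))
      {
        /* First prefix match; any later non-alias match is a conflict. */
        for (j = i + 1; opts[j].long_opt; j++)
          if (!strncmp (opts[j].long_opt, keyword, n)
              && !is_alias (&opts[i], &opts[j]))
            return -2;
        return i;
      }
  return -1;
}

int main (void)
{
  printf ("--clear -> %d, --cle -> %d\n",
          find_long_option_demo (SAMPLE_OPTS, "clear"),
          find_long_option_demo (SAMPLE_OPTS, "cle"));
  return 0;
}
```

With this table "--clear" resolves to the first alias, while "--cle" stays ambiguous because it also fits the distinct option "clean".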

2 years agosystemd-user: Enable "systemctl --user reload {dirmngr,gpg-agent}"
Daniel Kahn Gillmor [Tue, 10 Jan 2017 22:12:09 +0000 (17:12 -0500)]
systemd-user: Enable "systemctl --user reload {dirmngr,gpg-agent}"

* doc/examples/systemd-user/*.service: Add ExecReload directives to
  indicate the canonical way to reload the services.

GnuPG recommends reloading the agent and dirmngr with "gpgconf
--reload".  If anyone is running them as systemd user services, they
might ask them to reload in the systemd way, so teach systemd the
right thing to do.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2 years agodoc: Mention dirmngr.conf
Werner Koch [Tue, 10 Jan 2017 15:24:31 +0000 (16:24 +0100)]
doc: Mention dirmngr.conf

--

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agotests: Improve gpgconf test.
Justus Winter [Tue, 10 Jan 2017 14:50:57 +0000 (15:50 +0100)]
tests: Improve gpgconf test.

* tests/openpgp/defs.scm (valgrind): New variable.
(gpg-config): Fix clearing an option.
* tests/openpgp/gpgconf.scm: Also toggle 'quiet'.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agotools: Fix memory leaks and improve error handling.
Justus Winter [Tue, 10 Jan 2017 14:42:27 +0000 (15:42 +0100)]
tools: Fix memory leaks and improve error handling.

* tools/gpgconf-comp.c (gc_option_free): New function.
(gc_components_free): Likewise.
(gc_components_init): Likewise.
(retrieve_options_from_program): Use 'xfree', fix memory leak.
(change_options_program): Improve error handling.
(gc_component_change_options): Fix memory leaks.
* tools/gpgconf.c (main): Initialize components.
* tools/gpgconf.h (gc_components_init): New prototype.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agotests: Add test for gpgconf.
Justus Winter [Tue, 10 Jan 2017 11:38:07 +0000 (12:38 +0100)]
tests: Add test for gpgconf.

* tests/openpgp/Makefile.am (XTESTS): Add new test.
* tests/openpgp/defs.scm (percent-encode): New function.
(gpg-conf): Generalize so that we can feed stdin.
(gpg-config): New function.
* tests/openpgp/gpgconf.scm: New file.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agocommon: Fix fallback code.
Justus Winter [Tue, 10 Jan 2017 11:31:46 +0000 (12:31 +0100)]
common: Fix fallback code.

* common/logging.c (_log_assert): Fix the variant for compilers that
do not support __FUNCTION__.
* common/logging.h (_log_assert): Likewise.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agodirmngr: Use "pgpkey-hkps" and "pgpkey-hkp" for SRV record lookups.
Werner Koch [Mon, 9 Jan 2017 09:42:30 +0000 (10:42 +0100)]
dirmngr: Use "pgpkey-hkps" and "pgpkey-hkp" for SRV record lookups.

* dirmngr/ks-engine-hkp.c (map_host): Change arg NO_SRV to SRVTAG.
(make_host_part): Rewrite.
--

This fixes a regression from 2.0 and 1.4 where these tags have been in
use since 2009.  For whatever reason this was not ported to 2.1 and
"hkp" was always used.

GnuPG-bug-id: 2451
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr: Do not use a SRV record for HKP if a port was specified.
Werner Koch [Mon, 9 Jan 2017 09:11:20 +0000 (10:11 +0100)]
dirmngr: Do not use a SRV record for HKP if a port was specified.

* dirmngr/http.h (parsed_uri_s): Add field EXPLICIT_PORT.
* dirmngr/http.c (do_parse_uri): That it.
* dirmngr/ks-engine-hkp.c (map_host): Add arg NO_SRV.
(make_host_part): Ditto.
(ks_hkp_resolve): Set NO_SRV from EXPLICIT_PORT.
(ks_hkp_search): Ditto.
(ks_hkp_get): Ditto.
(ks_hkp_put): Ditto.
--

This implements the behaviour of the keyserver helpers from 1.4 and
2.0.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodoc: Update man page for watchgnupg
Werner Koch [Mon, 9 Jan 2017 07:54:45 +0000 (08:54 +0100)]
doc: Update man page for watchgnupg

--

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr: Implement experimental SRV record lookup for WKD.
Werner Koch [Sun, 8 Jan 2017 17:42:50 +0000 (18:42 +0100)]
dirmngr: Implement experimental SRV record lookup for WKD.

* dirmngr/server.c (cmd_wkd_get): Support SRV records.
--

This patch changes the way a WKD query is done.  Now we first look for
a SRV record for service "openpgpkey" and port "tcp" under the
to-be-queried domain.  If such a record was found and the target host
matches the to-be-queried domain or is a suffix to that domain, that
target host is used instead of the domain name.  The SRV record also
allows changing the port and obviously can be used for
load-balancing.

For example a query for the submission address of example.org with the
SRV record specification

_openpgpkey._tcp        IN     SRV   0 0  0    wkd.foo.org.
                        IN     SRV   0 0  0    wkd.example.net.
                        IN     SRV   0 0  4711 wkd.example.org.

(queried using the name "_openpgpkey._tcp.example.org") would fetch
from this URL:

 https://wkd.example.org:4711/.well-known/openpgpkey/submission-address

Note that the first two SRV records won't be used because foo.org and
example.net do not match example.org.  We require that the target host
is identical to the domain or be a subdomain of it.  This is so that
an attacker modifying the SRV records needs to set up a server in a
sub-domain of the actual domain and can't use an arbitrary domain.
Whether this is a sufficient requirement is not clear and needs
further discussion.

Signed-off-by: Werner Koch <wk@gnupg.org>
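
The target-host rule described in the commit message above, as an added example that is not the code from dirmngr/server.c: the names srv_rec, srv_target_allowed and pick_srv are hypothetical, and comparing on a label boundary is this example's reading of "identical to the domain or be a subdomain of it".

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

struct srv_rec { const char *target; unsigned int port; };

/* Constructed sample: the three SRV targets from the commit message. */
static const struct srv_rec SAMPLE_SRV[] = {
  { "wkd.foo.org.",     0 },
  { "wkd.example.net.", 0 },
  { "wkd.example.org.", 4711 }
};

/* Length of NAME without the trailing root dot of an FQDN. */
static size_t name_len (const char *name)
{
  size_t n = strlen (name);
  return (n && name[n - 1] == '.') ? n - 1 : n;
}

/* Return 1 if TARGET equals DOMAIN or is a subdomain of it.  The match
   is case-insensitive and must start at a label boundary, so that
   "evilexample.org" is not accepted for "example.org". */
int srv_target_allowed (const char *target, const char *domain)
{
  size_t tlen = name_len (target), dlen = name_len (domain), i;

  if (!dlen || tlen < dlen)
    return 0;
  for (i = 0; i < dlen; i++)
    if (tolower ((unsigned char)target[tlen - dlen + i])
        != tolower ((unsigned char)domain[i]))
      return 0;
  if (tlen == dlen)
    return 1;                      /* Identical names. */
  return tlen - dlen >= 2 && target[tlen - dlen - 1] == '.';
}

/* Return the index of the first usable record, or -1 if none is
   usable and the caller should keep the queried domain as host. */
int pick_srv (const struct srv_rec *recs, int n, const char *domain)
{
  int i;
  for (i = 0; i < n; i++)
    if (srv_target_allowed (recs[i].target, domain))
      return i;
  return -1;
}

int main (void)
{
  printf ("picked record %d\n", pick_srv (SAMPLE_SRV, 3, "example.org"));
  return 0;
}
```

A plain string-suffix test would also accept a sibling name such as "evilexample.org", which is why the sketch checks for the dot in front of the matched suffix.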
2 years agodirmngr: Improve debug output for TLS.
Werner Koch [Sun, 8 Jan 2017 17:07:18 +0000 (18:07 +0100)]
dirmngr: Improve debug output for TLS.

* dirmngr/misc.c (dump_cert): Also print SubjectAltNames.

Signed-off-by: Werner Koch <wk@gnupg.org>